View-Based Access Control Model; MIB Views; Access Policy; IP Precedence and DSCP Support for SNMP - Cisco NCS 5000 Series Manual

System Management Configuration Guide for Cisco NCS 5000 Series Routers

Implementing SNMP
• Message integrity—Ensures that messages have not been altered or destroyed in an unauthorized manner
and that data sequences have not been altered to an extent greater than can occur nonmaliciously.
• Message origin authentication—Ensures that the claimed identity of the user on whose behalf received
data was originated is confirmed.
• Message confidentiality—Ensures that information is not made available or disclosed to unauthorized
individuals, entities, or processes.
SNMPv3 authorizes management operations only by configured users and encrypts SNMP messages.
USM uses two authentication protocols:
• HMAC-MD5-96 authentication protocol
• HMAC-SHA-96 authentication protocol
USM uses Cipher Block Chaining (CBC)-DES (DES-56) as the privacy protocol for message encryption.

View-Based Access Control Model

The View-Based Access Control Model (VACM) enables SNMP users to control access to SNMP managed
objects by supplying read, write, or notify access to SNMP objects. It prevents access to objects restricted by
views. These access policies can be set when user groups are configured with the snmp-server group
command.

MIB Views

For security reasons, it is often valuable to be able to restrict the access rights of some groups to only a subset
of the management information within the management domain. To provide this capability, access to a
management object is controlled through MIB views, which contain the set of managed object types (and,
optionally, the specific instances of object types) that can be viewed.

Access Policy

Access policy determines the access rights of a group. The three types of access rights are as follows:
• read-view access—The set of object instances authorized for the group when objects are read.
• write-view access—The set of object instances authorized for the group when objects are written.
• notify-view access—The set of object instances authorized for the group when objects are sent in a
notification.

IP Precedence and DSCP Support for SNMP

SNMP IP Precedence and differentiated services code point (DSCP) support delivers QoS specifically for
SNMP traffic. You can change the priority setting so that SNMP traffic generated in a router is assigned a
specific QoS class. The IP Precedence or IP DSCP code point value is used to determine how packets are
handled in weighted random early detection (WRED).
After the IP Precedence or DSCP is set for the SNMP traffic generated in a router, different QoS classes
cannot be assigned to different types of SNMP traffic in that router.
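
The group, view and access-right relationship described in the View-Based Access Control Model, MIB Views and Access Policy sections can be modeled as follows. This is an added example, not code or configuration from the Cisco guide: the view names, group names and policy are constructed, and the included/excluded subtree rule (longest matching subtree wins, as in RFC 3415, with family masks omitted) goes beyond what the page states.

```python
# Added illustration: minimal model of VACM authorization (family masks omitted).
# All view names, group names and policy entries are constructed sample data.

def parse_oid(text):
    """Turn '1.3.6.1.2.1' into a tuple of integers."""
    return tuple(int(part) for part in text.strip(".").split("."))

# MIB views: view name -> list of (subtree OID, included?) entries.
VIEWS = {
    "SYSTEM-ONLY": [("1.3.6.1.2.1.1", True)],        # system group only
    "ALL-BUT-SNMP-CONFIG": [
        ("1.3.6.1", True),                           # everything under internet
        ("1.3.6.1.6.3", False),                      # hide snmpModules (USM/VACM tables)
    ],
}

# Access policy: group name -> view used for each access type (None = no access).
GROUPS = {
    "MONITOR": {"read": "ALL-BUT-SNMP-CONFIG", "write": None,
                "notify": "ALL-BUT-SNMP-CONFIG"},
    "OPERATOR": {"read": "ALL-BUT-SNMP-CONFIG", "write": "SYSTEM-ONLY",
                 "notify": None},
}

def in_view(view_name, oid):
    """True if oid falls in the view; the longest matching subtree decides."""
    best = None  # (prefix length, included?)
    for subtree, included in VIEWS.get(view_name, []):
        prefix = parse_oid(subtree)
        if oid[:len(prefix)] == prefix and (best is None or len(prefix) > best[0]):
            best = (len(prefix), included)
    return best is not None and best[1]

def is_authorized(group, access, oid_text):
    """access is 'read', 'write' or 'notify'; unknown groups get nothing."""
    policy = GROUPS.get(group)
    if policy is None:
        return False
    view = policy.get(access)
    return view is not None and in_view(view, parse_oid(oid_text))

if __name__ == "__main__":
    checks = [
        ("MONITOR", "read", "1.3.6.1.2.1.1.1.0"),       # sysDescr.0
        ("MONITOR", "read", "1.3.6.1.6.3.15.1.2.2"),    # usmUserTable
        ("OPERATOR", "write", "1.3.6.1.2.1.1.4.0"),     # sysContact.0
        ("OPERATOR", "write", "1.3.6.1.2.1.2.2.1.7.1"), # ifAdminStatus.1
    ]
    for group, access, oid in checks:
        print(group, access, oid, is_authorized(group, access, oid))
```

A group with no view configured for an access type is denied that access outright, which is why the write view is the one to review first when auditing a group.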
System Management Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.2.x
